Risk-Adaptive Access Control (RAdAC) is an access control model that incorporates dynamic information about threat levels and security risks. The model contemplates providing a way to set up access control policies that take this dynamic information into account, so that whenever an intrusion is detected, access privileges are automatically lowered.
The extensible access control markup language (XACML) is an OASIS standard which defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate authorization requests according to the rules defined in policies. XACML is primarily an attribute-based control system, in which attributes concerning users, actions, resources, and the operating environment are evaluated to determine whether a user may access a given resource in a particular way.
Intrusion detection systems (IDS), network monitoring tools such as RSA® NetWitness®, and other threat assessment and detection tools are available, but typically when a threat is detected an administrator receives a notification and must take responsive action manually to adjust (e.g., revoke) user privileges in response to a detected threat.